Unnamed repository; edit this file 'description' to name the repository. https://git.kobert.dev/pm24.git/atom?h=v2.6.37-rc6 2010-10-23T18:47:02Z 2010-10-23T18:47:02Z Linus Torvalds torvalds@linux-foundation.org 2010-10-23T18:47:02Z urn:sha1:5f05647dd81c11a6a165ccc8f0c1370b16f3bcb0 * git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next-2.6: (1699 commits) bnx2/bnx2x: Unsupported Ethtool operations should return -EINVAL. vlan: Calling vlan_hwaccel_do_receive() is always valid. tproxy: use the interface primary IP address as a default value for --on-ip tproxy: added IPv6 support to the socket match cxgb3: function namespace cleanup tproxy: added IPv6 support to the TPROXY target tproxy: added IPv6 socket lookup function to nf_tproxy_core be2net: Changes to use only priority codes allowed by f/w tproxy: allow non-local binds of IPv6 sockets if IP_TRANSPARENT is enabled tproxy: added tproxy sockopt interface in the IPV6 layer tproxy: added udp6_lib_lookup function tproxy: added const specifiers to udp lookup functions tproxy: split off ipv6 defragmentation to a separate module l2tp: small cleanup nf_nat: restrict ICMP translation for embedded header can: mcp251x: fix generation of error frames can: mcp251x: fix endless loop in interrupt handler if CANINTF_MERRF is set can-raw: add msg_flags to distinguish local traffic 9p: client code cleanup rds: make local functions/variables static ... Fix up conflicts in net/core/dev.c, drivers/net/pcmcia/smc91c92_cs.c and drivers/net/wireless/ath/ath9k/debug.c as per David 2010-10-21T14:17:26Z Balazs Scheidler bazsi@balabit.hu 2010-10-21T14:17:26Z urn:sha1:6ad7889327a5ee6ab4220bd34e4428c7d0de0f32 This requires a new revision as the old target structure was IPv4 specific. Signed-off-by: Balazs Scheidler <bazsi@balabit.hu> Signed-off-by: KOVACS Krisztian <hidden@balabit.hu> Signed-off-by: Patrick McHardy <kaber@trash.net> 2010-10-20T23:12:51Z Eric Paris eparis@redhat.com 2010-10-13T20:24:54Z urn:sha1:1cc63249adfa957b34ca51effdee90ff8261d63f The conntrack code can export the internal secid to userspace. These are dynamic, can change on lsm changes, and have no meaning in userspace. We should instead be sending lsm contexts to userspace instead. This patch sends the secctx (rather than secid) to userspace over the netlink socket. We use a new field CTA_SECCTX and stop using the the old CTA_SECMARK field since it did not send particularly useful information. Signed-off-by: Eric Paris <eparis@redhat.com> Reviewed-by: Paul Moore <paul.moore@hp.com> Acked-by: Patrick McHardy <kaber@trash.net> Signed-off-by: James Morris <jmorris@namei.org> 2010-10-20T23:12:48Z Eric Paris eparis@redhat.com 2010-10-13T20:24:41Z urn:sha1:2606fd1fa5710205b23ee859563502aa18362447 Right now secmark has lots of direct selinux calls. Use all LSM calls and remove all SELinux specific knowledge. The only SELinux specific knowledge we leave is the mode. The only point is to make sure that other LSMs at least test this generic code before they assume it works. (They may also have to make changes if they do not represent labels as strings) Signed-off-by: Eric Paris <eparis@redhat.com> Acked-by: Paul Moore <paul.moore@hp.com> Acked-by: Patrick McHardy <kaber@trash.net> Signed-off-by: James Morris <jmorris@namei.org> 2010-10-19T08:19:06Z Pablo Neira Ayuso pablo@netfilter.org 2010-10-19T08:19:06Z urn:sha1:ebbf41df4aabb6d506fa18ea8cb4c2b4388a18b9 This patch allows to listen to events that inform about expectations destroyed. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> Signed-off-by: Patrick McHardy <kaber@trash.net> 2010-10-13T16:00:50Z Jan Engelhardt jengelh@medozas.de 2010-10-13T14:37:45Z urn:sha1:75f0a0fd787bfa3ea1a916ca632a5b9e0007cbb7 Unification of struct *_error_target was forgotten in v2.6.16-1689-g1e30a01. Signed-off-by: Jan Engelhardt <jengelh@medozas.de> 2010-10-04T13:45:23Z Simon Horman horms@verge.net.au 2010-08-22T12:37:51Z urn:sha1:001985b2c0cfad48e1dec8e30f4d432eac240dd2 Signed-off-by: Simon Horman <horms@verge.net.au> Acked-by: Julian Anastasov <ja@ssi.bg> 2010-09-28T19:06:34Z Pablo Neira Ayuso pablo@netfilter.org 2010-09-28T19:06:34Z urn:sha1:bc01befdcf3e40979eb518085a075cbf0aacede0 This patch adds the basic infrastructure to support user-space expectation helpers via ctnetlink and the netfilter queuing infrastructure NFQUEUE. Basically, this patch: * adds NF_CT_EXPECT_USERSPACE flag to identify user-space created expectations. I have also added a sanity check in __nf_ct_expect_check() to avoid that kernel-space helpers may create an expectation if the master conntrack has no helper assigned. * adds some branches to check if the master conntrack helper exists, otherwise we skip the code that refers to kernel-space helper such as the local expectation list and the expectation policy. * allows to set the timeout for user-space expectations with no helper assigned. * a list of expectations created from user-space that depends on ctnetlink (if this module is removed, they are deleted). * includes USERSPACE in the /proc output for expectations that have been created by a user-space helper. This patch also modifies ctnetlink to skip including the helper name in the Netlink messages if no kernel-space helper is set (since no user-space expectation has not kernel-space kernel assigned). You can access an example user-space FTP conntrack helper at: http://people.netfilter.org/pablo/userspace-conntrack-helpers/nf-ftp-helper-userspace-POC.tar.bz Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> Signed-off-by: Patrick McHardy <kaber@trash.net> 2010-09-22T06:36:59Z Pablo Neira Ayuso pablo@netfilter.org 2010-09-22T06:36:59Z urn:sha1:8b008faf92ac8f7eeb65e8cd36077601af7c46db With this patch, you can specify the expectation flags for user-space created expectations. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> Signed-off-by: Patrick McHardy <kaber@trash.net> 2010-08-24T01:30:30Z Linus Torvalds torvalds@linux-foundation.org 2010-08-24T01:30:30Z urn:sha1:d1b113bb028999e82a8528e1484be8c23fb5a7d9 * git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6: (27 commits) netfilter: fix CONFIG_COMPAT support isdn/avm: fix build when PCMCIA is not enabled header: fix broken headers for user space e1000e: don't check for alternate MAC addr on parts that don't support it e1000e: disable ASPM L1 on 82573 ll_temac: Fix poll implementation netxen: fix a race in netxen_nic_get_stats() qlnic: fix a race in qlcnic_get_stats() irda: fix a race in irlan_eth_xmit() net: sh_eth: remove unused variable netxen: update version 4.0.74 netxen: fix inconsistent lock state vlan: Match underlying dev carrier on vlan add ibmveth: Fix opps during MTU change on an active device ehea: Fix synchronization between HW and SW send queue bnx2x: Update bnx2x version to 1.52.53-4 bnx2x: Fix PHY locking problem rds: fix a leak of kernel memory netlink: fix compat recvmsg netfilter: fix userspace header warning ...